Chi En (Ashley) Shen

• 
  Chi En (Ashley) Shen ashl3y-shen.bsky.social · Feb 5
  🔥 NEW research published: We uncover #DKnife, a China-nexus gateway-monitoring framework that intercepts network traffic, monitors user activity, and delivers malware #Shadowpad & #DarkNimbus via routers and edge devices. blog.talosintelligence.com/knife-cuttin...
  

  Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework

  Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants.

  blog.talosintelligence.com
  1

  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postShow all post labels
• 
  Chi En (Ashley) Shen ashl3y-shen.bsky.social · Feb 5
  DKnife can hijack #Android application updates by intercepting the update manifest requests. The targeted applications are mostly popular Chinese-language services.
  
  1

  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postDownload imageShow all post labels
• 
  Chi En (Ashley) Shen ashl3y-shen.bsky.social · Feb 5
  DKnife inspects network traffic to monitor and report users’ activity to its remote C2. Observed telemetry spans multiple categories, including messaging on #Signal and #WeChat, news consumption, map searches, dating app usage, taxi requests, and email activity.
  
  1

  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postDownload imageShow all post labels
• View full thread
  
  Chi En (Ashley) Shen ashl3y-shen.bsky.social · Feb 5
  DKnife primarily targets Chinese-speaking users, indicated by credential harvesting for Chinese-language services, exfiltration modules for popular Chinese mobile applications and code references to Chinese media domains.
  
  Repost Quote post

  View on BlueskyCopy Bluesky URLCopy post URLTranslate postDownload imageShow all post labels